Analysis

  • max time kernel
    139s
  • max time network
    149s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20220812-en locale:en-us os:windows10-2004-x64 system
  • submitted
    23-11-2022 13:42

General

  • Target

    8c80130b9fadbe647697f68309430e30e3af5f9e700072fd4f694030ea28e9bd.exe

  • Size

    935KB

  • MD5

    c7968c746585b4297db50e6d144e49a8

  • SHA1

    d4762305a90f82657ba07f781d1538bea29c6e80

  • SHA256

    8c80130b9fadbe647697f68309430e30e3af5f9e700072fd4f694030ea28e9bd

  • SHA512

    d8bdba357716f0ed5794916cfd4871fe6185f04a3b300253aa7b9135890c32b6df03b45dd84c4d65b6baf2777f158e4a446eba0f8db17c72f3deacf1f42d4151

  • SSDEEP

    24576:/M+EMWLrKaCHTza41B3oUD/w9jMrOffAr0GcSZzpt:ENLrKn24v3oUD/sM2O0Gj

Score
7/10

Malware Config

Signatures

  • Reads user/profile data of web browsers 2 TTPs

    Infostealers often target stored browser data, which can include saved credentials etc.

  • Suspicious behavior: EnumeratesProcesses 2 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\8c80130b9fadbe647697f68309430e30e3af5f9e700072fd4f694030ea28e9bd.exe
    "C:\Users\Admin\AppData\Local\Temp\8c80130b9fadbe647697f68309430e30e3af5f9e700072fd4f694030ea28e9bd.exe"
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of SetWindowsHookEx
    PID:2608

Network

MITRE ATT&CK Enterprise v6
